The tactics of human-operated ransomware campaigns continue to escalate. Victims who previously feared having their their systems disrupted, their files encrypted and their data stolen and published online may now face another ultimatum: Pay up or have your data auctioned off to the highest bidder.

That's the latest threat from the Sodinokibi/REvil gang, which announced the launch of its own auction website via its own blog site. Reportedly, the group debuted its new service by offering up files stolen from a Canadian agriculture company that has not paid its ransom demand. The starting price for three stolen databases and 22,000-plus files: $50,000 in Monero cryptocurrency. Another news report identified a second victim as a food and harvest distributor with more than 10,000 stolen files up for auction.

The group also has reportedly floated the idea of selling files on veteran pop star Madonna that were digitally lifted from entertainment law firm Grubman Shire Meiselas & Sacks. Last month, files related to the firm's celebrity clients were posted on a dark web site by the REvil attackers, who have demanded a $42 million ransom payment in that case to prevent further postings and to rescue encrypted files.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.